The two Californian companies, Juniper from Sunnyvale and Symantec from Cupertino, recently announced what they call a broad strategic partnership in security, involving joint development of unified threat management (UTM) appliances, intrusion-prevention systems, and network access control.
The two are heavyweights in their respective areas, and though they compete today in firewall/VPN, NAC and IDS/IPS, they are both major competitors to Cisco, a factor that clearly forms the backdrop to this alliance.
Depending on the analyst firm, Juniper is either number two or three in the carrier routing market behind Cisco. The other player is Alcatel, which some analysts rank above Juniper whose efforts to break into the enterprise market with its J-Series routers had a tepid reception, so two years ago it adopted a different tack, and spent $4bn to acquire firewall/VPN, SSL VPN and IDS/IPS upstart NetScreen.
Earlier this year it began to move into UTM appliances, which are multi-function security appliances aimed primarily at the branch and remote office environment, adding a routing capability to offer what some analysts are calling a branch-in-a-box, or BiaB, product: its Integrated Security Gateway portfolio. The products compete directly with Cisco’s Integrated Services Router and Adaptive Security Appliance product lines, which use some perimeter security functionality from Symantec competitor Trend Micro.
Meanwhile, Symantec last year acquired Sygate, taking the AV heavyweight into endpoint security where Cisco has its Network Admission Control offering and Juniper its Unified Access Control.
However, rather than continuing to compete in isolation against the networking giant, the two are now pooling their NAC technologies and working within the context of the standards-based approach by the Trusted Computing Group, based on its Trusted Network Connect spec, which they both want to drive to avoid Cisco dominance of this emerging space.
Equally, Cisco has just unveiled a collaboration with Microsoft Corp to make its NAC interoperate with the Microsoft’s Network Access Protection technology that is due to appear in Vista and Longhorn. This clearly behoves Symantec and Juniper to drive TNC-based NAC harder now before it is rendered irrelevant by a de facto standard represented by the Cisco NAC/Microsoft NAP coupling.
Another recent development that is also a factor here is EMC’s June $2.1bn acquisition of authentication vendor RSA. Market rumors suggested EMC swooped on RSA before another major player got there, with Symantec the name most commonly bandied about. Since its merger/acquisition of storage software heavyweight Veritas last year, Symantec has been butting heads directly with EMC’s own software division. Industry insiders say that with RSA providing some encryption technology used in EMC’s arrays, the prospect of the token authentication vendor falling into the hands of Symantec was unpalatable.
However, that move also left Symantec in edge security (anti-X, content filtering, firewall/VPN, and IDS/IPS) with a play in the core (NAC), but needing to beef up its offering in the latter, which is one of the areas the alliance with Juniper seeks to address.
While Juniper has been getting into UTM this year, Symantec a couple of month ago made a hazy announcement that it was exiting, or at least de-emphasizing the appliance market, a move which the announcement with Juniper throws into a new light. Rather than go it alone on UTM box development, Symantec sees benefits to riding in with its technology on Juniper’s hardware, leveraging both their channels to get to market.
On the back end, both companies have research teams sitting in network operation centers around the world, monitoring screens for threats and exploits. Juniper has its J-Security Team and Symantec the Global Intelligence Network, collaboration between which should in theory enable more a comprehensive service of security info feeds to common customers.
Symantec is already a significant security services player, and another recent relevant development is that IBM’s Global Services arm recently acquired IDS/IPS pioneer ISS, whose recent business strategy had been all about populating its customer’s networks with its Proventia security appliances, then selling the info feeds to them as part of an overall services play.
The Symantec/Juniper partnership looks similar in approach, at least in terms of the U and IPS strains of the announcement, while the NAC part appears to be a way of gaining mindshare and market share to compete with Cisco. Joint developments in all three areas will give the partners a portfolio to rival that of Cisco in security, even though neither company is currently in Ethernet switching, which is still the largest single contributor to the networking giant’s $29bn annual revenue. However, there are persistent rumors of a project deep within Juniper to develop a low-cost switching line based on Marvell silicon for launch in the second half of 2007.